And that’s it! Use hexo as you normally would. I typically dev the content on my laptop, use “hexo server” to confirm everything looks normal (as seen in the screenshot below), then push via “hexo deploy” using SSH and rsync.

During Black Hat USA this week, I have the honor of being on a panel with Chris Hadnagy (Social-Engineer.com) and Bob Adams (Mimecast) discussing the recon that attackers perform prior to launching their attack and ways the blue team can prevent, or at the very least, make it more difficult for the attacker.

If you’re at Black Hat on Wednesday, come by and see us. Feel free to catch me afterwards or send me a message if you have any questions or enjoyed the panel. Hope to see you there!

Most major cyber attacks are launched with a phishing ploy, or some simple social engineering. But the earliest stages of any attack begin even before that – with reconnaissance of the target. In this fascinating panel session, top experts discuss some of the methods that cyber criminals use to research their targets, learn the names of their users, and develop a plan for breaking in. You’ll learn how an online attacker can discover weaknesses in the company’s security defenses, find out the names and habits of key officials and system administrators, and create convincing scams that fool key players into giving up sensitive information. Most importantly, you’ll learn how enterprise security teams can identify and interrupt this reconnaissance, making it harder for the bad guys to execute their attack plans.

The slides are now available for download from our recent webinar, “How Cyber Attackers Research Your Organization, And What To Do About It”, hosted by Dark Reading and sponsored by KnowBe4. Check out the Presentations page for the links or download directly here.

If you missed it, here’s the description and link to the webinar page. I hope you enjoy it and please reach out if you have any questions.

For most online criminals, the first step in a major attack is to do research on the target organization. This “reconnaissance” may involve sending fake emails to employees, stalking executives on social media, making fraudulent phone calls, or other social engineering techniques that might yield credentials or help lay the groundwork for a more sophisticated attack. How do you know when your organization is the target of this type of reconnaissance – and what can you do to disrupt it?

In this eye-opening webinar, you’ll learn how attackers can take advantage of your website, employees’ social media, and other vehicles to learn about your organization – and get the ammunition they need to convince your end users to trust them.

Attend this webinar and get:

Real examples of how attackers gather intel and use it to launch convincing phishing exploits

On Thursday, July 13, 2017, Dark Reading is hosting a webinar where I’ll be speaking on how attackers perform research for targeting enterprises and ways that blue teams can prepare to prevent and detect recon. KnowBe4 is sponsoring the webinar and Erich Kron, Security Awareness Advocate, will be talking about their phishing and awareness offerings.

For most online criminals, the first step in a major attack is to do research on the target organization. This “reconnaissance” may involve sending fake emails to employees, stalking executives on social media, making fraudulent phone calls, or other social engineering techniques that might yield credentials or help lay the groundwork for a more sophisticated attack. How do you know when your organization is the target of this type of reconnaissance – and what can you do to disrupt it?

In this eye-opening webinar, you’ll learn how attackers can take advantage of your website, employees’ social media, and other vehicles to learn about your organization – and get the ammunition they need to convince your end users to trust them.

Attend this webinar and get:

Real examples of how attackers gather intel and use it to launch convincing phishing exploits

I’ve finally gotten around to merging all of the content from my old personal blog that was located at johnhsawyer.com and johnhsawyer.blogspot.com with the small number of posts from sploitlab.wordpress.com. There are still some images that need to be moved over and a good bit of text/code that needs to be cleaned up, but everything seems to be working well now on sploitlab.com.

The site was developed using Octopress, which is a framework around Jekyll, a blog aware static site generator that powers Github Pages. There is no underlying database and everything seems to run very smoothly. I’m really enjoying the control it gives when developing the site.